Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.6 views

SUSE CVE-2017-7813

Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. This...

8.2CVSS8.6AI score0.01617EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.3 views

SUSE CVE-2017-7816

WebExtensions could use popups and panels in the extension UI to load an "about:" privileged URL, violating security checks that disallow this behavior. This vulnerability affects Firefox 56...

5.3CVSS8.4AI score0.01276EPSS
Exploits1References4
OSV
OSV
added 2018/06/11 9:29 p.m.2 views

DEBIAN-CVE-2017-7810

Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird...

9.8CVSS8.9AI score0.02804EPSS
Exploits0References1
OSV
OSV
added 2017/10/02 12:0 a.m.3 views

UBUNTU-CVE-2017-7812

If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox 56...

5.3CVSS6.8AI score0.01276EPSS
Exploits1References4
OSV
OSV
added 2017/10/02 12:0 a.m.4 views

UBUNTU-CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS7.1AI score0.02344EPSS
Exploits0References5
OSV
OSV
added 2017/10/02 12:0 a.m.2 views

UBUNTU-CVE-2017-7815

On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiproce...

5.3CVSS7AI score0.01161EPSS
Exploits1References4
Rows per page
Query Builder